Out-of-Bounds Read in Linux Kernel SMB2 Write Vulnerability
CVE-2023-3865

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 August 2025

What is CVE-2023-3865?

The Linux kernel contains a vulnerability within the ksmbd module related to processing SMB2 write requests. Specifically, the function ksmbd_smb2_check_message fails to validate the NextCommand field correctly. When NextCommand exceeds the sum of Offset and Length in a smb2 write operation, it can lead to oversized write lengths. This mismanagement ultimately allows for out-of-bounds reads, potentially exposing sensitive information in memory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 0626e6641f6b467447c81dd7678a69c66f7746cf < 3813eee5154d6a4c5875cb4444cb2b63bac8947f

Linux 0626e6641f6b467447c81dd7678a69c66f7746cf

Linux 0626e6641f6b467447c81dd7678a69c66f7746cf < 58a9c41064df27632e780c5a3ae3e0e4284957d1

References

https://git.kernel.org/stable/c/3813eee5154d6a4c5875cb444...
https://git.kernel.org/stable/c/c86211159bc3178b891e0d60e...
https://git.kernel.org/stable/c/58a9c41064df27632e780c5a3...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.